CVE-2011-4619

Scores

EPSS

0.038very_low3.8%
0%20%40%60%80%100%

Percentile: 3.8%

CVSS

4.3medium2.0
0246810

CVSS Score: 4.3/10

All CVSS Scores

CVSS 2.0
4.3

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

Description

The Server Gated Cryptography (SGC) implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly handle handshake restarts, which allows remote attackers to cause a denial of service (CPU consumption) via unspecified vectors.

Scaner-VS 7 — a modern vulnerability management solution

Uses this database for vulnerability detection. High-speed search, cross-platform, advanced configuration audit, and flexible filtering. Suitable for organizations of any size.
Learn more about Scaner-VS 7

Sources

debiannvdredhatubuntu

CWEs

CWE-399

Vulnerable Software (8)

Type: Configuration

Product: openssl

Operating System: ubuntu hardy 8.04

Trait:
{  "fixed": "0.9.8g-4ubuntu3.15"}

Source: ubuntu

Type: Configuration

Product: openssl

Operating System: debian

Trait:
{  "fixed": "1.0.0h-1"}

Source: debian

Type: Configuration

Product: openssl

Operating System: rhel 4

Trait:
{  "fixed": "0.9.7a-43.18.el4"}

Source: redhat

Type: Configuration

Product: openssl

Operating System: rhel 5

Trait:
{  "fixed": "0.9.8e-20.el5_7.1"}

Source: redhat

Type: Configuration

Product: openssl

Operating System: rhel 6

Trait:
{  "fixed": "1.0.0-20.el6_2.1"}

Source: redhat

Type: Configuration

Product: rhev-hypervisor6

Operating System: rhel 6

Trait:
{  "fixed": "6.2-20120209.0.el6_2"}

Source: redhat

Type: Configuration

Vendor: openssl

Product: openssl

Operating System: * * *

Trait:
{  "cpe_match": [    {      "cpe23uri": "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*",      "versionEndIncluding": "0.9.8r",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:openss...

Source: nvd

Type: Configuration

Vendor: openssl

Product: openssl

Operating System: * * *

Trait:
{  "cpe_match": [    {      "cpe23uri": "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*",      "versionEndIncluding": "1.0.0e",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:openss...

Source: nvd